Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libjettison-java 1.5.1-1 (source) into unstable
Date: Thu, 10 Nov 2022 00:49:44 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 10 Nov 2022 01:09:07 +0100
Source: libjettison-java
Architecture: source
Version: 1.5.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 1022554
Changes:
 libjettison-java (1.5.1-1) unstable; urgency=medium
 .
   * Team upload.
   * New upstream version 1.5.1.
   * Fix CVE-2022-40149:
     It was discovered that libjettison-java, a collection of StAX parsers and
     writers for JSON, was vulnerable to a denial-of-service attack, if the
     attacker provided untrusted XML or JSON data. (Closes: #1022554)
Checksums-Sha1:
 88de49c57edf10f1ef729593726ab48873244ae0 2243 libjettison-java_1.5.1-1.dsc
 f44baa1a3f485ba3ce45af004914f8727ef8b368 71734 libjettison-java_1.5.1.orig.tar.gz
 ff724eca54ea76dc464dab6b9b5f0b4c3ca16062 2868 libjettison-java_1.5.1-1.debian.tar.xz
 1324e05756ef8dfa06aa25826504a58c796f8a14 14950 libjettison-java_1.5.1-1_amd64.buildinfo
Checksums-Sha256:
 a384188a4c3d9deac7bf9238ae1e6d1379a1b23f4c7aaf3100ba8a81558bf697 2243 libjettison-java_1.5.1-1.dsc
 d62eb36b7eeb31b913ef342d40a9f1ed751ec41e57db1e31196b5077177d8bce 71734 libjettison-java_1.5.1.orig.tar.gz
 72db287811765483a0cec78b8c06ed5ca5e8a11abc3afe3de3522a4f1fc1d7c0 2868 libjettison-java_1.5.1-1.debian.tar.xz
 3609341285bda2340d2b7fc4d74add6cf509337384ecae050938832c28a93df8 14950 libjettison-java_1.5.1-1_amd64.buildinfo
Files:
 32478dc8ed5ccfe93322c7794d25ed3d 2243 java optional libjettison-java_1.5.1-1.dsc
 c650606708b7832b9afd33d471ac4551 71734 java optional libjettison-java_1.5.1.orig.tar.gz
 fcfa0f7e8fcb58e3f73fcc2ba8829b25 2868 java optional libjettison-java_1.5.1-1.debian.tar.xz
 da0fe8caca1590d3e2f1703903665e53 14950 java optional libjettison-java_1.5.1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmNsRHNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk6MMP+wRSztbWcZmlFGHrmAlX5yZTtl/2lGAZd72v
kqUiXvUkwYafW2mLEJjotfCX1dm9VfxsL6i11UmgNytZyOhoVjbRxXJG/sE3Oj0T
gK1eEtvn42afCI1nB2x9AbUawEf/DG2+qYS1XgjO4Xx9oL9clFLi+6NZ8FvPGAh2
gJWvt20gvg91hJ+3ESfNROkkHQgw/2uFS9bQHjvNZQny2/iKFbZhKHw/YyBjcpcR
luvVDOapUmbNa2C4TSCu0jb0CAjS+s4pxsysHmcLMMs6GlKyjmLsdPfHukmRgH+q
uWaDDHbbgyVtLsMSdPexJUUgpJ3yVp0OrpSrufPSWUA8kb+YS331newLfIiFz71m
dEEFrMnq3rQCpzA3vXhDkToJah2FOU52mZ4oioNy3QBp+mCyoxJEnZOu2xsywBa/
DYQ83RrljQtp30pbXjwAy7EZG89gP3esh8VoU42L7z9LUgpiGMN931UZWNw3xudO
ZNaQAt7mk+Df17RoWI0xEfyzKxPcEBkxYB7X0H6aHbZshKnddadKkxC/MTcpcRGA
puRK3to9PsIPIwpaAjvOEsiGx9U/Fg7i/pleuOtXVnzvXS3apve34ilJkFyGfCtn
Sl8l4DJzvlUgAKDBoM9WyOf5/fh10cM+hAooGn6RosCft3KkPt9I31uj5fgYV/Al
kb+obn1b
=EtcT
-----END PGP SIGNATURE-----
News for package libjettison-java
